Exam Code: NSE7_EFW-6.2 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Fortinet NSE 7 - Enterprise Firewall 6.2
Certification Provider: Fortinet
Free Today! Guaranteed Training- Pass NSE7_EFW-6.2 Exam.
Free demo questions for Fortinet NSE7_EFW-6.2 Exam Dumps Below:
NEW QUESTION 1
Examine the following routing table and BGP configuration; then answer the question below.
TheBGP connection is up, but the local peer is NOT advertising the prefix 192.168.1.0/24. Which configuration change will make the local peer advertise this prefix?
- A. Enable the redistribution of connected routers into BGP.
- B. Enable the redistribution of static routers into BGP.
- C. Disable the setting network-import-check.
- D. Enable the setting ebgp-multipath.
Answer: C
NEW QUESTION 2
A FortiGate device has the following LDAP configuration:
The LDAP user student cannotauthenticate. The exhibit shows the output of the authentication real time debug while testing the student account:
Based on the above output, what FortiGate LDAP settings must the administer check? (Choose two.)
- A. cnid.
- B. username.
- C. password.
- D. dn.
Answer: BC
Explanation:
https://kb.fortinet.com/kb/viewContent.do?externalId=13141
NEW QUESTION 3
A FortiGate has two default routes:
All Internet traffic is currently using port1. The exhibit shows partial information for one sample session of Internet traffic from an internal user:
What would happen with the traffic matching the above session if the priority on the first default route (IDd1) were changed from 5 to 20?
- A. Session would remain in the session table and its traffic would keep using port1 as the outgoing interface.
- B. Session would remain in the session table and its traffic would start using port2 as the outgoing interface.
- C. Session would be deleted, so the client would need to start a new session.
- D. Session would remain in the session table and its traffic would be shared between port1 and port2.
Answer: A
NEW QUESTION 4
Which two statements about FortiManager is true when it is deployed as a local FDS? (Choose two.)
- A. It caches available firmware updates for unmanaged devices.
- B. It can be configured as an update server, or a rating server, but not both.
- C. It supports rating requests fromboth managed and unmanaged devices.
- D. It provides VM license validation services.
Answer: AD
NEW QUESTION 5
An administrator is running the following sniffer in a FortiGate: diagnose sniffer packet any “host 10.0.2.10” 2
What information is included in the output of the sniffer? (Choose two.)
- A. Ethernet headers.
- B. IP payload.
- C. IPheaders.
- D. Port names.
Answer: BC
Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=11186
NEW QUESTION 6
Examine the following partial outputs from two routing debug commands; then answer the question below.
# get router info kernel
tab=254 vf=0 scope=0type=1 proto=11 prio=00.0.0.0/0.0.0.0/0->0.0.0.0/0 pref=0.0.0.0 gwy=10.200.1.254 dev=2(port1)
tab=254 vf=0 scope=0type=1 proto=11 prio=10 0.0.0.0/0.0.0.0/0->0.0.0.0/0 pref=0.0.0.0 gwy=10.200.2.254 dev=3(port2)
tab=254 vf=0 scope=253type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/.->10.0.1.0/24 pref=10.0.1.254 gwy=0.0.0.0 dev=4(port3)
# get router info routing-table all s*0.0.0.0/0 [10/0] via 10.200.1.254, portl [10/0] via 10.200.2.254, port2, [10/0] dO.0.1.0/24 is directly connected, port3 dO.200.1.0/24 is directly connected, portl d0.200.2.0/24 is directly connected, port2
Which outbound interface or interfaces will be used by this FortiGate to route web traffic from internal users to the Internet?
- A. port!
- B. port2.
- C. Both portl and port2.
- D. port3.
Answer: B
NEW QUESTION 7
An administrator has configured a dial-up IPsec VPN with one phase 2, extended authentication (XAuth) and IKE mode configuration. The administrator has also enabled the IKE real time debug:
diagnose debug application ike-1 diagnose debug enable
In which order is each step and phase displayed in the debug output each time a new dial-up user is connecting to the VPN?
- A. Phase1; IKE mode configuration; XAuth; phase 2.
- B. Phase1; XAuth; IKE mode configuration; phase2.
- C. Phase1; XAuth; phase 2; IKE mode configuration.
- D. Phase1; IKE mode configuration; phase 2; XAuth.
Answer: B
Explanation:
https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-ipsecvpn-54/IPsec_VPN_Concepts/IKE_Packet
NEW QUESTION 8
What is the purpose of an internal segmentation firewall (ISFW)?
- A. It inspects incoming traffic to protect services in the corporate DMZ.
- B. It is the first line of defense at the network perimeter.
- C. It splits the network into multiple security segments to minimize the impact of breaches.
- D. It is an all-in-one security appliance that is placed at remotesites to extend the enterprise network.
Answer: C
Explanation:
ISFW splits your network into multiple security segments. They serve as a breach containers from attacks that come from inside.
NEW QUESTION 9
What events are recorded in the crashlogs of a FortiGate device? (Choose two.)
- A. A process crash.
- B. Configuration changes.
- C. Changes in the status of any of the FortiGuard licenses.
- D. System entering to and leaving from the proxy conserve mode.
Answer: AD
Explanation:
diagnose debug crashlog read
275: 2014-08-05 13:03:53 proxy=acceptorservice=imap session fail mode=activated276: 2014-08-05
13:03:53 proxy=acceptor service=ftp session fail mode=activated277: 2014-08-05 13:03:53 proxy=acceptor service=nntp session fail mode=activated278: 2014-08-06 11:05:47 service=kernel conserve=on free=”45034 pages” red=”45874 pages” msg=”Kernel279: 2014-08-06 11:05:47 enters conserve mode”280: 2014-08-06 13:07:16 service=kernel conserve=exit free=”86704 pages” green=”68811 pages”281: 2014-08-06 13:07:16 msg=”Kernel leaves conserve mode”282: 2014-08-06
13:07:16 proxy=imd sysconserve=exited total=1008 free=349 marginenter=201283: 2014-08-06 13:07:16 marginexit=302
NEW QUESTION 10
Examine the output of the ‘diagnose ips anomaly list’ command shown in the exhibit; then answer the question below.
Which IP addresses are included in the output of this command?
- A. Those whose traffic matches a DoS policy.
- B. Those whose traffic matches an IPS sensor.
- C. Those whose traffic exceeded a threshold of a matching DoS policy.
- D. Those whosetraffic was detected as an anomaly by an IPS sensor.
Answer: A
NEW QUESTION 11
View the exhibit, which contains the output of a debug command, and then answer the question below.
What statement is correct about this FortiGate?
- A. It is currently in system conserve mode because of high CPU usage.
- B. It is currently in FD conserve mode.
- C. It is currently in kernel conserve mode because of high memory usage.
- D. It iscurrently in system conserve mode because of high memory usage.
Answer: D
NEW QUESTION 12
In which two states is a given session categorized as ephemeral? (Choose two.)
- A. A TCP session waiting to complete the three-way handshake.
- B. A TCP session waiting for FIN ACK.
- C. A UDP session with packets sent and received.
- D. A UDP session with only one packet received.
Answer: AD
NEW QUESTION 13
Examine the output from the 'diagnose debug authd fsso list' command; then answer the question below.
# diagnose debug authd fsso list—FSSO logons-IP: 192.168.3.1 User: STUDENT Groups: TRAININGAD/USERS Workstation: INTERNAL2. TRAINING. LAB The IP address 192.168.3.1 is
NOT the one used by the workstation INTERNAL2. TRAINING. LAB.
What should the administrator check?
- A. The IP address recorded in the logon event for the user STUDENT.
- B. The DNS name resolution for the workstation name INTERNAL2. TRAININ
- C. LAB.
- D. The source IP address of the traffic arriving to the FortiGate from the workstation INTERNAL2.TRAININ
- E. LAB.
- F. The reserve DNS lookup forthe IP address 192.168.3.1.
Answer: C
NEW QUESTION 14
View the exhibit, which contains the output of a debug command, and then answer the question below.
Which one of the following statements about this FortiGate is correct?
- A. It is currently in system conserve mode because of high CPU usage.
- B. It is currently in extreme conserve mode because of high memory usage.
- C. It is currently in proxy conserve mode because of high memory usage.
- D. It is currently in memory conserve mode because of high memory usage.
Answer: D
NEW QUESTION 15
Examine the output of the 'diagnose debug rating' command shown in the exhibit; then answer the question below.
Whichstatement are true regarding the output in the exhibit? (Choose two.)
- A. There are three FortiGuard servers that are not responding to the queries sent by the FortiGate.
- B. The TZ value represents the delta between each FortiGuard server's timezone and the FortiGate's time zone.
- C. FortiGate will send the FortiGuard queries to the server with highest weight.
- D. A server's round trip delay (RTT) is not used to calculate its weight.
Answer: BC
NEW QUESTION 16
View the exhibit, which contains the output of diagnose syssession list, and then answer the question below.
If the HA ID for the primary unit is zero (0), which statement is correct regarding the output?
- A. This session is for HA heartbeat traffic.
- B. This session is synced with the slave unit.
- C. Theinspection of this session has been offloaded to the slave unit.
- D. This session cannot be synced with the slave unit.
Answer: B
NEW QUESTION 17
A FortiGate's portl is connected to a private network. Its port2 is connected to the Internet. Explicit web proxy is enabled in port1 and only explicit web proxy users can access the Internet. Web cache is NOT enabled. An internal web proxy user is downloading a file from the Internet via HTTP. Which statements are true regarding the two entries in the FortiGate session table related with this traffic? (Choose two.)
- A. Both session have the local flag on.
- B. The destination IP addresses of both sessions are IP addresses assigned to FortiGate'sinterfaces.
- C. One session has the proxy flag on, the other one does not.
- D. One of the sessions has the IPaddress of port2 as the source IP address.
Answer: AD
NEW QUESTION 18
Which two tasks are automated using theInstall Wizard on FortiManager? (Choose two.)
- A. Preview pending configuration changes for managed devices.
- B. Add devices to FortiManager.
- C. Import policy packages from managed devices.
- D. Install configuration changes to managed devices.
- E. Import interface mappings from managed devices.
Answer: AD
Explanation:
https://help.fortinet.com/fmgr/50hlp/56/5-6-2/FortiManager_Admin_Guide/1000_Device%20Manager/1200_ins
There are 4 main wizards:Add Device: is used to add devices to central management and import their configurations.
Install: is used to install configuration changes from Device Manager or Policies & Objects to the managed devices. It allows you to preview the changes and, if the administrator doesn’t agree with the changes, cancel and modify them.
Import policy: isused to import interface mapping, policy database, and objects associated with the managed devices into a policy package under the Policy & Object tab. It runs with the Add Device wizard by default and may be run at any time from the managed device list.
Re-install policy: is used to perform a quick install of the policy package. It doesn’t give the ability to preview the changes that will be installed to the managed device.
NEW QUESTION 19
How does FortiManager handle FortiGuard requests from FortiGate devices, when it is configured as a local FDS?
- A. FortiManager can download and maintain local copies of FortiGuard databases.
- B. FortiManager supports only FortiGuard push to managed devices.
- C. FortiManager will respond to update requests only if they originate from a managed device.
- D. FortiManager does not support rating requests.
Answer: A
NEW QUESTION 20
An LDAP user cannot authenticate against a FortiGate device. Examine the real time debug output shown in the exhibit when the user attempted the authentication; then answer thequestion below.
Based on the output in the exhibit, what can cause this authentication problem?
- A. User student is not found in the LDAP server.
- B. User student is using a wrong password.
- C. The FortiGate has been configured with the wrong password for the LDAP administrator.
- D. The FortiGate has been configured with the wrong authentication schema.
Answer: A
NEW QUESTION 21
Examine the output fromthe BGP real time debug shown in the exhibit, then the answer the question below:
Which statements are true regarding the output in the exhibit? (Choose two.)
- A. BGP peers have successfully interchangedOpenandKeepalivemessages.
- B. Local BGP peer received a prefix for a default route.
- C. The state of the remote BGP peer isOpenConfirm.
- D. The state of the remote BGP peer will go toConnectafter it confirms the received prefixes.
Answer: AB
NEW QUESTION 22
Examine the partial output from the IKE real time debug shown in the exhibit; then answer the question below.
Why didn’t the tunnel come up?
- A. IKEmode configuration is not enabled in the remote IPsec gateway.
- B. The remote gateway’s Phase-2 configuration does not match the local gateway’s phase-2 configuration.
- C. The remote gateway’s Phase-1 configuration does not match the local gateway’s phase-1configuration.
- D. One IPsec gateway is using main mode, while the other IPsec gateway is using aggressive mode.
Answer: C
NEW QUESTION 23
Examine the output of the ‘get router info bgp summary’ command shown in the exhibit; then answer the question below.
Which statement can explain why the state of the remote BGP peer 10.200.3.1 is Connect?
- A. The local peer is receiving the BGP keepalives from the remote peer but it has not received any BGP prefix yet.
- B. The TCP session for the BGP connection to 10.200.3.1 is down.
- C. The local peer has received the BGP prefixed from the remote peer.
- D. The local peer is receiving the BGP keepalives from the remote peer but it has not received the OpenConfirm yet.
Answer: B
Explanation:
http://www.ciscopress.com/articles/article.asp?p=2756480&seqNum=4
NEW QUESTION 24
......
Thanks for reading the newest NSE7_EFW-6.2 exam dumps! We recommend you to try the PREMIUM Allfreedumps.com NSE7_EFW-6.2 dumps in VCE and PDF here: https://www.allfreedumps.com/NSE7_EFW-6.2-dumps.html (91 Q&As Dumps)